1. Field of the Invention
The present invention relates to mechanisms for providing security in distributed computing systems. More specifically, the present invention relates to a method and an apparatus that uses a portable security token to facilitate public key certification for devices in a network.
2. Related Art
Public key cryptography provides a powerful tool that can be used to both encrypt data and to authenticate digital signatures. However, before public key cryptography can become widely used, there must exist a practical and reliable solution to the problem of associating public keys with their owners in a trusted (authenticated) manner.
One solution to this problem is to construct a Public Key Infrastructure (PKI). A PKI supports a collection of well-known trusted public keys, which can possibly be hierarchically organized. In a PKI, the owner of a trusted key is usually referred to as a “Certification Authority,” or “CA.” A CA can use a private key corresponding to its trusted public key to authenticate the keys of other members (users and devices) in the PKI by signing the keys for the members, and creating a “digital certificate.” A digital certificate typically links a public key to information indicating who owns the key (an identity certificate), or what the key is allowed to be used for (an attribute certificate), or at a minimum, that the bearer of the corresponding private key is a valid member of this particular PKI or other trust system. The existence of a PKI simplifies the key management problem, because it is not necessary to exchange keys for all members of a trusted network, only the trusted public keys need to be exchanged.
Unfortunately, the operations involved in creating a PKI, managing a PKI, and distributing certificates, have turned out to be extremely difficult to perform in practice. Even establishing a small special-purpose PKI to support the use of public key cryptography for one application within one organization is generally considered to be too expensive and difficult to be worthwhile. One reason for this is that existing software tools are complicated, expensive, and require extensive knowledge of standards and cryptography. As a result, in spite of the fact that the use of public key cryptography can dramatically increase the security of many communications protocols (for example, compared to password-based alternatives), protocol designers typically use less secure alternatives that do not involve the “burden” of establishing a PKI. Similarly, this cost of establishing a PKI keeps individuals from considering a larger-scale use of public key cryptography in embedded devices (such as cell phones and printers), because each of these devices would have to be “provisioned” with a digital certificate.
A derivative problem exists for wireless networks. Wireless networks are notoriously difficult to configure securely, even for a knowledgeable network administrator. Consequently, many wireless networks do not provide adequate security. These networks simply leave information and network resources exposed to strangers, thereby making machines on the network vulnerable to attack. Although standards bodies have begun to specify new technologies capable of securing wireless networks, these new technologies are complex, and even more difficult to configure and manage than existing technologies.
Hence, what is needed is a less-complicated mechanism for creating a secure credential infrastructure such as a PKI, and in particular a mechanism that is practical to use in wireless networks.